icedid | 31dde4fbe6f38f5bb725258a88d6d043db03517be3538b66eb94ad87c108345e | Triage

Sharing

General

Target

a9b0640b857155f63b5f026861277d2d28bd16f40715433543d1fd145ded5a42.zip
Size

83KB
Sample

220321-x4yajadeh6
MD5

7ef96e1719f04054139233d59f3376d9
SHA1

86ed8de3fcceafe66e2d4a2a878e4ed65f93d0ff
SHA256

31dde4fbe6f38f5bb725258a88d6d043db03517be3538b66eb94ad87c108345e
SHA512

48ea62cfeebbe4417a41d8e11f3077cd2f8f0262c757e5810b35751bcbea9f6b81b1464c29e94036392f17b481f7097cd226a42998324c4521a031003b89de1b

Score

10^/10

icedid 3546287305 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3546287305

C2

oceriesfornot.top

Targets

- Target
  
  dart.dll
- Size
  
  148KB
- MD5
  
  b20d49ba5d4c4a6e089b895de8949279
- SHA1
  
  8f23d9a24ba792706ca19d633f6a925e311670d6
- SHA256
  
  db5cabe22595607a408fa30bdf288c0992bff836d2e62f6de98d8757f9805e9b
- SHA512
  
  7c45c6565e9e55e9473c707c2001459140016d4133cba5df5083961d6b93d3756ee4a239be5d4c25aa22351f713fb3b564397994d7124a624358f2fbe7e4a540
Score

10^/10

icedid 3546287305 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2
- Target
  
  document.lnk
- Size
  
  1KB
- MD5
  
  73a2a00ca772abb82329d9c8a0390109
- SHA1
  
  e12e4075798a81c84961bddef67a7b0121338eb4
- SHA256
  
  62d9bd841b5d37ddb474e716670cf88993bf007fd1323ec2ef00d366db50abfc
- SHA512
  
  dedd27b975b44690535c5bec01e77788c1075cfac9ebbe28e37dc16fbc150aee6d6051820d5a4e74e3d0f25af9ab9f8681d900524d9c8e4a55e5ff0def97ca65
Score

10^/10

icedid 3546287305 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid3546287305bankerloadertrojan

behavioral2

icedid3546287305bankerloadertrojan

behavioral3

icedid3546287305bankerloadertrojan

behavioral4

icedid3546287305bankerloadertrojan